#!/usr/bin/python3.4
# -*- coding=utf-8 -*-
#本脚由亁颐堂现任明教教主编写，用于乾颐盾Python课程！
#教主QQ:605658506
#亁颐堂官网www.qytang.com
#乾颐盾是由亁颐堂现任明教教主开发的综合性安全课程
#包括传统网络安全（防火墙，IPS...）与Python语言和黑客渗透课程！
import requests
from http.client import HTTPSConnection
from base64 import b64encode
import ssl
from xml.etree.ElementTree import parse
from xml.etree.ElementTree import XML
from getpass import getpass
import json

def asa_cli(ip,username,password,clis,verbose=True,port=443):
	context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)#ssl支持的协议版本
	context.verify_mode = ssl.CERT_NONE#CERT_NONE, CERT_OPTIONAL or CERT_REQUIRED（并不检查证书有效性）
	context.load_verify_locations('/usr/share/kde4/apps/kssl/ca-bundle.crt')#根证书文件
	c = HTTPSConnection(ip, port=port, context=context)
	user_pass_str = username + ':' + password
	user_pass_str_encode = user_pass_str.encode()
	userAndPass = b64encode(user_pass_str_encode).decode("ascii")
	headers = {}
	headers['Authorization'] = 'Basic %s' %  userAndPass
	headers['Content-Type'] = 'application/json'
	cli_str = ''
	for cli in clis:
		cli_str = cli_str + '"' + cli + '"'+ ','
	cli_str = cli_str[:-1]
	post_json = '{"commands": [%s]}' % cli_str
	c.request('POST', '/api/cli', body=post_json, headers=headers)
	if verbose == True:
		res = c.getresponse()
		JSON_Source = json.loads(res.read().decode())
		cmd_response = JSON_Source['response']
		cmd_result = zip(clis, cmd_response)
		for x in cmd_result:
			print('='*20 + x[0] + '='*20)
			print(x[1])

if __name__ == "__main__":
	#ipaddr = input('ASA地址: ')
	#username = input('用户名: ')
	#password = getpass('密码: ')
	#asa_route_add(ipaddr,username,password,ifname,dst,gw)
	asa_cli('192.168.1.10','apiuser','cisco',['show ver', 'show run'])
	#asa_cli('192.168.1.10','apiuser','cisco',["object network rest-cli-demo", "host 1.1.1.1"])
